Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

SUSE: 2019:1234-1 Important: Containerd Docker Issues and Fixes

suse
Calendar Grey May 14, 2019
Dist Suse Esm H88
SUSE Vulnerability Patch tackles 4 container-specific vulnerabilities and enhances docker, golang versions. Take steps to safeguard your environment.
An update that solves 5 vulnerabilities and has 6 fixes is now available

Summary

This update for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork fixes the following issues: Security issues fixed: - CVE-2019-5736: containerd: Fixing container breakout vulnerability (bsc#1121967). - CVE-2019-6486: go security release, fixing crypto/elliptic CPU DoS vulnerability affecting P-521 and P-384 (bsc#1123013). - CVE-2018-16873: go secuirty release, fixing cmd/go remote command execution (bsc#1118897). - CVE-2018-16874: go security release, fixing cmd/go directory traversal (bsc#1118898). - CVE-2018-16875: go security release, fixing crypto/x509 CPU denial of service (bsc#1118899). Other changes and bug fixes: - Update to containerd v1.2.5, which is required for v18.09.5-ce (bsc#1128376, bsc#1134068).

Topics%20covered

Topics Covered

security advisory DoS important SUSE Docker container issue container breakout

References

#1114209 #1114832 #1118897 #1118898 #1118899

#1121397 #1121967 #1123013 #1128376 #1128746

#1134068

Cross- CVE-2018-16873 CVE-2018-16874 CVE-2018-16875

CVE-2019-5736 CVE-2019-6486

Affected Products:

SUSE Linux Enterprise Module for Open Buildservice Development Tools 15

SUSE Linux Enterprise Module for Containers 15

https://www.suse.com/security/cve/CVE-2018-16873.html

https://www.suse.com/security/cve/CVE-2018-16874.html

https://www.suse.com/security/cve/CVE-2018-16875.html

https://www.suse.com/security/cve/CVE-2019-5736.html

https://www.suse.com/security/cve/CVE-2019-6486.html

https://bugzilla.suse.com/1114209

https://bugzilla.suse.com/1114832

https://bugzilla.suse.com/1118897

https://bugzilla.suse.com/1118898

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2019:1234-1
Rating: important

Topics%20covered

Topics Covered

security advisory DoS important SUSE Docker container issue container breakout

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here